Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5mNquBo0Op_9glfqyx3exTiWaAQ.cer
File: 5mNquBo0Op_9glfqyx3exTiWaAQ.cer (raw, json)
Hash identifier: cqsJPLn5NXWgfoflS3jlRHZ/8CGw+VTdJWoN1E41DPk=
Subject key identifier: E6:63:6A:B8:1A:34:3A:9F:FD:82:57:EA:CB:1D:DE:C5:38:96:68:04
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 0194228D81D700F5A45500571E74058F4A14
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/6d/1455d2-724a-439e-96ed-9876aebbd2c9/1/5mNquBo0Op_9glfqyx3exTiWaAQ.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/6d/1455d2-724a-439e-96ed-9876aebbd2c9/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 15:48:06 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 29357
IP: 78.89.0.0/16
IP: 178.53.0.0/16
IP: 185.146.240.0/22
IP: 188.70.0.0/15
IP: 217.69.176.0/20
IP: 2a00:1850::/29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:81:d7:00:f5:a4:55:00:57:1e:74:05:8f:4a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 15:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6636ab81a343a9ffd8257eacb1ddec538966804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:83:ff:a3:1b:51:b6:53:6e:99:94:2f:47:0f:
a9:78:49:d8:fa:81:0a:bb:7a:c7:33:6a:e7:b6:eb:
85:dc:6a:99:44:e8:fe:d3:67:70:7c:08:ef:79:30:
89:76:3f:2b:29:d1:8c:46:fe:83:2a:8b:d7:cd:6a:
95:a7:f6:58:a7:89:54:e2:87:27:b1:0b:b0:a5:a0:
d6:fe:48:03:ba:6a:c3:a5:f4:76:d0:4e:e9:2e:8c:
39:59:2f:6b:47:60:d7:6f:32:53:6c:78:54:a1:2b:
77:d9:5b:c4:46:7d:5a:59:3c:33:9f:cb:b8:4f:82:
62:dd:42:da:fb:69:48:e4:ae:5e:f3:9f:97:a9:17:
e0:47:d2:fa:6e:33:c5:fb:59:c8:38:b3:d0:aa:95:
a0:d9:28:e1:7f:03:8c:a1:2c:a6:dc:be:c9:31:dc:
d4:af:45:af:a5:48:b8:6b:c1:58:0b:d6:fc:38:e4:
7d:62:e1:18:fd:65:20:dc:b1:55:9a:e0:d8:c1:7b:
cd:c2:98:56:f9:cd:ab:35:31:a9:af:ab:66:3c:bb:
43:3d:f8:fa:44:fe:c8:61:24:c5:a0:c0:50:e7:55:
da:19:d3:3d:5f:18:04:5f:cc:2c:4a:b4:87:8e:50:
45:03:56:28:1c:a3:01:e8:bc:a1:85:3a:f5:b0:8a:
65:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:63:6A:B8:1A:34:3A:9F:FD:82:57:EA:CB:1D:DE:C5:38:96:68:04
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1455d2-724a-439e-96ed-9876aebbd2c9/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/1455d2-724a-439e-96ed-9876aebbd2c9/1/5mNquBo0Op_9glfqyx3exTiWaAQ.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.89.0.0/16
178.53.0.0/16
185.146.240.0/22
188.70.0.0/15
217.69.176.0/20
IPv6:
2a00:1850::/29
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
29357
Signature Algorithm: sha256WithRSAEncryption
52:aa:2b:75:7f:93:42:f0:8b:f6:c7:af:ff:42:b3:f5:f8:21:
4a:12:62:d0:a4:dc:96:84:6c:3a:0a:7f:06:0c:87:2d:58:43:
a5:17:fd:d2:fb:28:6f:ca:31:a9:57:1a:f0:e1:42:05:35:6f:
d0:69:8f:1a:06:d9:2f:75:5a:0d:a9:09:4e:8e:5d:3c:04:94:
f0:fa:e8:48:a4:79:cd:ca:a6:47:c5:ae:b8:2c:f5:cf:ed:ad:
04:75:b3:b3:da:32:8c:7b:d5:73:6a:72:0e:73:86:3d:72:00:
1c:a7:dc:a3:f2:0d:11:e2:63:2c:54:2c:a3:1b:75:b2:b1:bc:
15:3d:c7:2e:9a:70:0c:a8:d7:1b:e4:64:c4:d2:2c:d5:4c:e5:
06:f0:5f:79:32:33:58:1c:2f:ee:70:7e:3f:e0:06:c3:43:e5:
cc:14:21:14:56:14:52:b6:74:3c:75:40:51:dc:ad:c4:63:d1:
9a:2d:80:db:71:4e:20:ff:f5:87:c9:71:19:d6:7e:2f:f5:d4:
c3:f7:28:67:11:7e:37:9a:be:4a:2f:8a:99:e0:5e:ad:80:37:
25:b9:bd:84:5b:ba:30:7b:4f:73:ff:05:20:34:03:e0:a5:da:
c7:b1:3f:c2:ee:02:3b:1b:20:6c:e6:d4:2c:dd:bd:b5:03:db:
b8:92:2c:94
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAZQijYHXAPWkVQBXHnQFj0oUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjYzNmFiODFhMzQzYTlmZmQ4MjU3ZWFjYjFkZGVjNTM4OTY2ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4P/oxtRtlNumZQvRw+peEnY+oEK
u3rHM2rntuuF3GqZROj+02dwfAjveTCJdj8rKdGMRv6DKovXzWqVp/ZYp4lU4ocn
sQuwpaDW/kgDumrDpfR20E7pLow5WS9rR2DXbzJTbHhUoSt32VvERn1aWTwzn8u4
T4Ji3ULa+2lI5K5e85+XqRfgR9L6bjPF+1nIOLPQqpWg2SjhfwOMoSym3L7JMdzU
r0WvpUi4a8FYC9b8OOR9YuEY/WUg3LFVmuDYwXvNwphW+c2rNTGpr6tmPLtDPfj6
RP7IYSTFoMBQ51XaGdM9XxgEX8wsSrSHjlBFA1YoHKMB6LyhhTr1sIplqQIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFOZjargaNDqf/YJX6ssd3sU4lmgEMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzZkLzE0NTVk
Mi03MjRhLTQzOWUtOTZlZC05ODc2YWViYmQyYzkvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQvMTQ1NWQy
LTcyNGEtNDM5ZS05NmVkLTk4NzZhZWJiZDJjOS8xLzVtTnF1Qm8wT3BfOWdsZnF5
eDNleFRpV2FBUS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUF
BwEHAQH/BDQwMjAhBAIAATAbAwMATlkDAwCyNQMEArmS8AMDAbxGAwQE2UWwMA0E
AgACMAcDBQMqABhQMBkGCCsGAQUFBwEIAQH/BAowCKAGMAQCAnKtMA0GCSqGSIb3
DQEBCwUAA4IBAQBSqit1f5NC8Iv2x6//QrP1+CFKEmLQpNyWhGw6Cn8GDIctWEOl
F/3S+yhvyjGpVxrw4UIFNW/QaY8aBtkvdVoNqQlOjl08BJTw+uhIpHnNyqZHxa64
LPXP7a0EdbOz2jKMe9VzanIOc4Y9cgAcp9yj8g0R4mMsVCyjG3WysbwVPccumnAM
qNcb5GTE0izVTOUG8F95MjNYHC/ucH4/4AbDQ+XMFCEUVhRStnQ8dUBR3K3EY9Ga
LYDbcU4g//WHyXEZ1n4v9dTD9yhnEX43mr5KL4qZ4F6tgDclub2EW7owe09z/wUg
NAPgpdrHsT/C7gI7GyBs5tQs3b21A9u4kiyU
-----END CERTIFICATE-----
Generated at Wed Apr 23 00:01:43 2025 by rpki-client